Advertisement
Not sure why, but after changing the domain administrator password I’m not able to request a certificate from the certificate authority for most certs. After the password change I only see “Computer”, “Web Server” and “Workstation Authentication” from a domain joined Windows server. If I check “Show all templates” I do see the rest of the certs, but all show “permissions on the certificate template do not allow the current user to enroll…”.<\/p>\n
If I log into a domain controller I’m able to see all of the certs and enroll them.<\/p>","upvoteCount":10,"answerCount":3,"datePublished":"2023-05-16T11:52:39.000Z","author":{"@type":"Person","name":"cwhitmore","url":"https://community.spiceworks.com/u/cwhitmore"},"acceptedAnswer":{"@type":"Answer","text":"
This sounds like it could be a permissions issue, when you changed the domain admin password it might have altered some permissions so be sure double check the permissions on the certificate templates MMC. Also try run the certificate manager as an admin to try and figure out if its a user account control issue.<\/p>","upvoteCount":1,"datePublished":"2023-05-16T13:43:02.000Z","url":"https://community.spiceworks.com/t/ca-certs-not-available-after-changing-domain-administrator-password/951963/2","author":{"@type":"Person","name":"stefan-pulseway","url":"https://community.spiceworks.com/u/stefan-pulseway"}},"suggestedAnswer":[{"@type":"Answer","text":"
Not sure why, but after changing the domain administrator password I’m not able to request a certificate from the certificate authority for most certs. After the password change I only see “Computer”, “Web Server” and “Workstation Authentication” from a domain joined Windows server. If I check “Show all templates” I do see the rest of the certs, but all show “permissions on the certificate template do not allow the current user to enroll…”.<\/p>\n
If I log into a domain controller I’m able to see all of the certs and enroll them.<\/p>","upvoteCount":10,"datePublished":"2023-05-16T11:52:39.000Z","url":"https://community.spiceworks.com/t/ca-certs-not-available-after-changing-domain-administrator-password/951963/1","author":{"@type":"Person","name":"cwhitmore","url":"https://community.spiceworks.com/u/cwhitmore"}},{"@type":"Answer","text":"
Thanks Stefan. That’s what it was. I had to give the computers read/enroll permissions.<\/p>","upvoteCount":1,"datePublished":"2023-05-23T10:49:56.000Z","url":"https://community.spiceworks.com/t/ca-certs-not-available-after-changing-domain-administrator-password/951963/3","author":{"@type":"Person","name":"cwhitmore","url":"https://community.spiceworks.com/u/cwhitmore"}}]}}